Hash password in a Laravel app and check in another one

Question

I have a system where several Laravel apps upload information to individuals databases, the information of these databases could be accessed with a universal Laravel API which is the core of the system. I use hash::make in my Laravel apps to hash my passwords but I want to check them in my Laravel API but when I try to \hash::check the passwords don't match.

This is my hash code in my Laravel app:

            $patient = new patient();
            $patient->username = $request->input('username');
            $patient->password = \Hash::make($request->input('password'));
            $patient->fullname = $request->input('name');
            $patient->note = $request->input('note');
            $patient->save();

And this is my API Login code:

        $username  = $request->username;
        $password  = $request->password;
        $patient = Patients::where('username','=',$username)->get();
        if (\Hash::check($password, $patient[0]->password))
        {
            return response()->json($patient[count($patient)-1]);
        }else {
            return 0;
        }  

Am I doing something wrong or I just can't do something like that?

Thanks :)

I'm using Laravel 5.8

Answer 1

This solved my problem:

"You can do this, but each of your Laravel apps need to have the same APP_KEY= in .env and config/app.php"

Answer 2

My guess is that your config/hashing.php could be configured differently between these apps. There are multiple options (e.g. Bcrypt, Argon2i, Argon2id, etc...) for this configuration and which one is used when the hashed password is stored, will matter when checking it. Make sure they are consistent across the different apps.